Re: VLAN Hacking Tutorial at InfoSec Institute

[Bob Dobbs <bobd10937 () gmail com>]

This tutorial just rehashes ancient techniques in a general way in spotty
english.The insecurity of ARP among other issues listed are problems on any
layer 2 network and have little to do with VLAN. ARP flooding to make a
switch go into hub mode hasn't been an issue in decent switches for quite a
few years now.

The Cisco whitepaper referenced at the bottom is worth a read though
because proper configuration is indeed important:

http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml

The @Stake VLAN security whitepaper is a good read also:

http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/tech/stake_wp.pdf

Most importantly, it says:

"The results of @stake’s test sequences clearly demonstrate that edge
technologies,
including tools such as VLANs on Cisco Catalyst switches, when configured
according to best-
practice guidelines, can be effectively deployed as security mechanisms.”

On Thu, Dec 8, 2011 at 7:19 AM, Adam Behnke <adam () infosecinstitute com>wrote:

> Ever wanted to learn how to hack a VLAN? Here is a tutorial for all of you:
> ****
>
> ** **
>
> http://resources.infosecinstitute.com/vlan-hacking/****
>
> ** **
>
> ** **
>
> ** **
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/